<?php
require("../class/connect.php");
include("../class/db_sql.php");
include("../class/config.php");
include("../class/functions.php");
$link=db_connect();
$empire=new mysqlquery();
//验证用户
$logininid=getcvar('loginuserid');
$loginin=getcvar('loginusername');
$loginrnd=getcvar('loginrnd');
$loginlevel=getcvar('loginlevel');
is_login($logininid,$loginin,$loginrnd);
//验证权限
CheckLevel($logininid,$loginin,$classid,"pl");

//------------------增加禁用字符
function AddPlWord($oldword,$newword,$userid,$username){
	global $empire,$dbtbpre;
	if(!$oldword)
	{printerror("EmptyWord","history.go(-1)");}
	//验证权限
	CheckLevel($userid,$username,$classid,"pl");
	$sql=$empire->query("insert into {$dbtbpre}enewsplwords(oldword,newword) values('$oldword','$newword');");
	$wordid=$empire->lastid();
	if($sql)
	{
		//操作日志
		insert_dolog("wordid=".$wordid);
		printerror("AddWordSuccess","PlWord.php");
	}
	else
	{printerror("DbError","history.go(-1)");}
}

//----------------修改禁用字符
function EditPlWord($wordid,$oldword,$newword,$userid,$username){
	global $empire,$dbtbpre;
	$wordid=(int)$wordid;
	if(!$oldword||!$wordid)
	{printerror("EmptyWord","history.go(-1)");}
	//验证权限
	CheckLevel($userid,$username,$classid,"pl");
	$sql=$empire->query("update {$dbtbpre}enewsplwords set oldword='$oldword',newword='$newword' where wordid='$wordid'");
	if($sql)
	{
		//操作日志
		insert_dolog("wordid=".$wordid);
		printerror("EditWordSuccess","PlWord.php");
	}
	else
	{printerror("DbError","history.go(-1)");}
}

//---------------删除禁用字符
function DelPlWord($wordid,$userid,$username){
	global $empire,$dbtbpre;
	$wordid=(int)$wordid;
	if(!$wordid)
	{printerror("NotDelWordid","history.go(-1)");}
	//验证权限
	CheckLevel($userid,$username,$classid,"pl");
	$sql=$empire->query("delete from {$dbtbpre}enewsplwords where wordid='$wordid'");
	if($sql)
	{
		//操作日志
		insert_dolog("wordid=".$wordid);
		printerror("DelWordSuccess","PlWord.php");
	}
	else
	{printerror("DbError","history.go(-1)");}
}

$enews=$_POST['enews'];
if(empty($enews))
{$enews=$_GET['enews'];}
//增加过滤字符
if($enews=="AddPlWord")
{
	$oldword=$_POST['oldword'];
	$newword=$_POST['newword'];
	AddPlWord($oldword,$newword,$logininid,$loginin);
}
//修改过滤字符
elseif($enews=="EditPlWord")
{
	$wordid=$_POST['wordid'];
	$oldword=$_POST['oldword'];
	$newword=$_POST['newword'];
	EditPlWord($wordid,$oldword,$newword,$logininid,$loginin);
}
//删除过滤字符
elseif($enews=="DelPlWord")
{
	$wordid=$_GET['wordid'];
	DelPlWord($wordid,$logininid,$loginin);
}
else
{}
$sql=$empire->query("select wordid,oldword,newword from {$dbtbpre}enewsplwords order by wordid desc");
//风格
$loginadminstyleid=(int)getcvar('loginadminstyleid');
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>过滤字符</title>
<link href="adminstyle/<?=$loginadminstyleid?>/adminstyle.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1">
  <tr>
    <td>位置：<a href=ListAllPl.php>管理评论</a>&nbsp;&gt;&nbsp;<a href="PlWord.php">管理评论过滤字符</a></td>
  </tr>
</table>
<form name="form1" method="post" action="PlWord.php">
  <input type=hidden name=enews value=AddPlWord>
  <table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" class="tableborder">
    <tr class="header">
      <td height="25">增加评论过滤字符:</td>
    </tr>
    <tr> 
      <td height="25" bgcolor="#FFFFFF"> 将评论内容包含 
        <input name="oldword" type="text" id="oldword">
        替换成 
        <input name="newword" type="text" id="newword"> 
        <input type="submit" name="Submit" value="增加">
        <input type="reset" name="Submit2" value="重置"></td>
    </tr>
  </table>
</form>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" class="tableborder">
  <tr class="header"> 
    <td width="70%" height="25">评论过滤字符</td>
    <td width="30%" height="25"><div align="center">操作</div></td>
  </tr>
  <?
  while($r=$empire->fetch($sql))
  {
  ?>
  <form name=form2 method=post action=PlWord.php>
  <input type=hidden name=enews value=EditPlWord>
  <input type=hidden name=wordid value=<?=$r[wordid]?>>
  <tr bgcolor="#FFFFFF"> 
      <td height="25"> 将评论内容包含 
        <input name="oldword" type="text" id="oldword" value="<?=$r[oldword]?>">
        替换成 
        <input name="newword" type="text" id="newword" value="<?=$r[newword]?>">
    </td>
    <td height="25"><div align="center">
          <input type="submit" name="Submit3" value="修改">&nbsp;
          <input type="button" name="Submit4" value="删除" onclick="self.location.href='PlWord.php?enews=DelPlWord&wordid=<?=$r[wordid]?>';">
        </div></td>
  </tr>
  </form>
  <?
  }
  db_close();
  $empire=null;
  ?>
</table>
</body>
</html>
